diff options
Diffstat (limited to 'common/recipes-kernel/linux/linux-yocto-4.9.21/0038-KPTI-Rename-to-PAGE_TABLE_ISOLATION.patch')
-rw-r--r-- | common/recipes-kernel/linux/linux-yocto-4.9.21/0038-KPTI-Rename-to-PAGE_TABLE_ISOLATION.patch | 359 |
1 files changed, 0 insertions, 359 deletions
diff --git a/common/recipes-kernel/linux/linux-yocto-4.9.21/0038-KPTI-Rename-to-PAGE_TABLE_ISOLATION.patch b/common/recipes-kernel/linux/linux-yocto-4.9.21/0038-KPTI-Rename-to-PAGE_TABLE_ISOLATION.patch deleted file mode 100644 index 23caec1c..00000000 --- a/common/recipes-kernel/linux/linux-yocto-4.9.21/0038-KPTI-Rename-to-PAGE_TABLE_ISOLATION.patch +++ /dev/null @@ -1,359 +0,0 @@ -From 5e40b997d86f563b8ebe8a17019fca81af241bfb Mon Sep 17 00:00:00 2001 -From: Kees Cook <keescook@chromium.org> -Date: Wed, 3 Jan 2018 10:17:35 -0800 -Subject: [PATCH 038/103] KPTI: Rename to PAGE_TABLE_ISOLATION - -This renames CONFIG_KAISER to CONFIG_PAGE_TABLE_ISOLATION. - -Signed-off-by: Kees Cook <keescook@chromium.org> -Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> ---- - arch/x86/boot/compressed/misc.h | 2 +- - arch/x86/entry/entry_64.S | 12 ++++++------ - arch/x86/events/intel/ds.c | 4 ++-- - arch/x86/include/asm/cpufeatures.h | 2 +- - arch/x86/include/asm/kaiser.h | 12 ++++++------ - arch/x86/include/asm/pgtable.h | 4 ++-- - arch/x86/include/asm/pgtable_64.h | 4 ++-- - arch/x86/include/asm/pgtable_types.h | 2 +- - arch/x86/include/asm/tlbflush.h | 2 +- - arch/x86/kernel/head_64.S | 2 +- - arch/x86/mm/Makefile | 2 +- - arch/x86/mm/kaslr.c | 2 +- - include/linux/kaiser.h | 6 +++--- - include/linux/percpu-defs.h | 2 +- - security/Kconfig | 2 +- - tools/arch/x86/include/asm/cpufeatures.h | 2 +- - 16 files changed, 31 insertions(+), 31 deletions(-) - -diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h -index cd80024..4f4c42a 100644 ---- a/arch/x86/boot/compressed/misc.h -+++ b/arch/x86/boot/compressed/misc.h -@@ -9,7 +9,7 @@ - */ - #undef CONFIG_PARAVIRT - #undef CONFIG_PARAVIRT_SPINLOCKS --#undef CONFIG_KAISER -+#undef CONFIG_PAGE_TABLE_ISOLATION - #undef CONFIG_KASAN - - #include <linux/linkage.h> -diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S -index d4ba81e..5bb9b02 100644 ---- a/arch/x86/entry/entry_64.S -+++ b/arch/x86/entry/entry_64.S -@@ -1071,7 +1071,7 @@ ENTRY(paranoid_entry) - SWAPGS - xorl %ebx, %ebx - 1: --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - /* - * We might have come in between a swapgs and a SWITCH_KERNEL_CR3 - * on entry, or between a SWITCH_USER_CR3 and a swapgs on exit. -@@ -1111,7 +1111,7 @@ ENTRY(paranoid_exit) - DISABLE_INTERRUPTS(CLBR_NONE) - TRACE_IRQS_OFF_DEBUG - TRACE_IRQS_IRETQ_DEBUG --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - /* No ALTERNATIVE for X86_FEATURE_KAISER: paranoid_entry sets %ebx */ - testl $2, %ebx /* SWITCH_USER_CR3 needed? */ - jz paranoid_exit_no_switch -@@ -1338,7 +1338,7 @@ ENTRY(nmi) - - movq %rsp, %rdi - movq $-1, %rsi --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - /* Unconditionally use kernel CR3 for do_nmi() */ - /* %rax is saved above, so OK to clobber here */ - ALTERNATIVE "jmp 2f", "movq %cr3, %rax", X86_FEATURE_KAISER -@@ -1352,7 +1352,7 @@ ENTRY(nmi) - #endif - call do_nmi - --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - /* - * Unconditionally restore CR3. I know we return to - * kernel code that needs user CR3, but do we ever return -@@ -1582,7 +1582,7 @@ end_repeat_nmi: - 1: - movq %rsp, %rdi - movq $-1, %rsi --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - /* Unconditionally use kernel CR3 for do_nmi() */ - /* %rax is saved above, so OK to clobber here */ - ALTERNATIVE "jmp 2f", "movq %cr3, %rax", X86_FEATURE_KAISER -@@ -1598,7 +1598,7 @@ end_repeat_nmi: - /* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */ - call do_nmi - --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - /* - * Unconditionally restore CR3. We might be returning to - * kernel code that needs user CR3, like just just before -diff --git a/arch/x86/events/intel/ds.c b/arch/x86/events/intel/ds.c -index c2e4ae2..f97d8b4 100644 ---- a/arch/x86/events/intel/ds.c -+++ b/arch/x86/events/intel/ds.c -@@ -274,7 +274,7 @@ static DEFINE_PER_CPU(void *, insn_buffer); - - static void *dsalloc(size_t size, gfp_t flags, int node) - { --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - unsigned int order = get_order(size); - struct page *page; - unsigned long addr; -@@ -295,7 +295,7 @@ static void *dsalloc(size_t size, gfp_t flags, int node) - - static void dsfree(const void *buffer, size_t size) - { --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - if (!buffer) - return; - kaiser_remove_mapping((unsigned long)buffer, size); -diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h -index 20271d6..454a37a 100644 ---- a/arch/x86/include/asm/cpufeatures.h -+++ b/arch/x86/include/asm/cpufeatures.h -@@ -199,7 +199,7 @@ - #define X86_FEATURE_AVX512_4FMAPS (7*32+17) /* AVX-512 Multiply Accumulation Single precision */ - - /* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */ --#define X86_FEATURE_KAISER ( 7*32+31) /* CONFIG_KAISER w/o nokaiser */ -+#define X86_FEATURE_KAISER ( 7*32+31) /* CONFIG_PAGE_TABLE_ISOLATION w/o nokaiser */ - - /* Virtualization flags: Linux defined, word 8 */ - #define X86_FEATURE_TPR_SHADOW ( 8*32+ 0) /* Intel TPR Shadow */ -diff --git a/arch/x86/include/asm/kaiser.h b/arch/x86/include/asm/kaiser.h -index b5e46aa..802bbbd 100644 ---- a/arch/x86/include/asm/kaiser.h -+++ b/arch/x86/include/asm/kaiser.h -@@ -20,7 +20,7 @@ - #define KAISER_SHADOW_PGD_OFFSET 0x1000 - - #ifdef __ASSEMBLY__ --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - - .macro _SWITCH_TO_KERNEL_CR3 reg - movq %cr3, \reg -@@ -69,7 +69,7 @@ movq PER_CPU_VAR(unsafe_stack_register_backup), %rax - 8: - .endm - --#else /* CONFIG_KAISER */ -+#else /* CONFIG_PAGE_TABLE_ISOLATION */ - - .macro SWITCH_KERNEL_CR3 - .endm -@@ -78,11 +78,11 @@ movq PER_CPU_VAR(unsafe_stack_register_backup), %rax - .macro SWITCH_KERNEL_CR3_NO_STACK - .endm - --#endif /* CONFIG_KAISER */ -+#endif /* CONFIG_PAGE_TABLE_ISOLATION */ - - #else /* __ASSEMBLY__ */ - --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - /* - * Upon kernel/user mode switch, it may happen that the address - * space has to be switched before the registers have been -@@ -100,10 +100,10 @@ extern void __init kaiser_check_boottime_disable(void); - #else - #define kaiser_enabled 0 - static inline void __init kaiser_check_boottime_disable(void) {} --#endif /* CONFIG_KAISER */ -+#endif /* CONFIG_PAGE_TABLE_ISOLATION */ - - /* -- * Kaiser function prototypes are needed even when CONFIG_KAISER is not set, -+ * Kaiser function prototypes are needed even when CONFIG_PAGE_TABLE_ISOLATION is not set, - * so as to build with tests on kaiser_enabled instead of #ifdefs. - */ - -diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h -index 217e83a..2536f90 100644 ---- a/arch/x86/include/asm/pgtable.h -+++ b/arch/x86/include/asm/pgtable.h -@@ -18,7 +18,7 @@ - #ifndef __ASSEMBLY__ - #include <asm/x86_init.h> - --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - extern int kaiser_enabled; - #else - #define kaiser_enabled 0 -@@ -920,7 +920,7 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, - static inline void clone_pgd_range(pgd_t *dst, pgd_t *src, int count) - { - memcpy(dst, src, count * sizeof(pgd_t)); --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - if (kaiser_enabled) { - /* Clone the shadow pgd part as well */ - memcpy(native_get_shadow_pgd(dst), -diff --git a/arch/x86/include/asm/pgtable_64.h b/arch/x86/include/asm/pgtable_64.h -index cf68b5c..ce97c8c6 100644 ---- a/arch/x86/include/asm/pgtable_64.h -+++ b/arch/x86/include/asm/pgtable_64.h -@@ -106,7 +106,7 @@ static inline void native_pud_clear(pud_t *pud) - native_set_pud(pud, native_make_pud(0)); - } - --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - extern pgd_t kaiser_set_shadow_pgd(pgd_t *pgdp, pgd_t pgd); - - static inline pgd_t *native_get_shadow_pgd(pgd_t *pgdp) -@@ -127,7 +127,7 @@ static inline pgd_t *native_get_shadow_pgd(pgd_t *pgdp) - BUILD_BUG_ON(1); - return NULL; - } --#endif /* CONFIG_KAISER */ -+#endif /* CONFIG_PAGE_TABLE_ISOLATION */ - - static inline void native_set_pgd(pgd_t *pgdp, pgd_t pgd) - { -diff --git a/arch/x86/include/asm/pgtable_types.h b/arch/x86/include/asm/pgtable_types.h -index f0d9a1a..f1c8ac4 100644 ---- a/arch/x86/include/asm/pgtable_types.h -+++ b/arch/x86/include/asm/pgtable_types.h -@@ -144,7 +144,7 @@ - #define X86_CR3_PCID_MASK (X86_CR3_PCID_NOFLUSH | X86_CR3_PCID_ASID_MASK) - #define X86_CR3_PCID_ASID_KERN (_AC(0x0,UL)) - --#if defined(CONFIG_KAISER) && defined(CONFIG_X86_64) -+#if defined(CONFIG_PAGE_TABLE_ISOLATION) && defined(CONFIG_X86_64) - /* Let X86_CR3_PCID_ASID_USER be usable for the X86_CR3_PCID_NOFLUSH bit */ - #define X86_CR3_PCID_ASID_USER (_AC(0x80,UL)) - -diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h -index 8db339a..183af59 100644 ---- a/arch/x86/include/asm/tlbflush.h -+++ b/arch/x86/include/asm/tlbflush.h -@@ -137,7 +137,7 @@ static inline void cr4_set_bits_and_update_boot(unsigned long mask) - * Declare a couple of kaiser interfaces here for convenience, - * to avoid the need for asm/kaiser.h in unexpected places. - */ --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - extern int kaiser_enabled; - extern void kaiser_setup_pcid(void); - extern void kaiser_flush_tlb_on_return_to_user(void); -diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S -index d04479b..67cd7c1 100644 ---- a/arch/x86/kernel/head_64.S -+++ b/arch/x86/kernel/head_64.S -@@ -405,7 +405,7 @@ GLOBAL(early_recursion_flag) - .balign PAGE_SIZE; \ - GLOBAL(name) - --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - /* - * Each PGD needs to be 8k long and 8k aligned. We do not - * ever go out to userspace with these, so we do not -diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile -index c505569..c548b46 100644 ---- a/arch/x86/mm/Makefile -+++ b/arch/x86/mm/Makefile -@@ -38,4 +38,4 @@ obj-$(CONFIG_NUMA_EMU) += numa_emulation.o - obj-$(CONFIG_X86_INTEL_MPX) += mpx.o - obj-$(CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS) += pkeys.o - obj-$(CONFIG_RANDOMIZE_MEMORY) += kaslr.o --obj-$(CONFIG_KAISER) += kaiser.o -+obj-$(CONFIG_PAGE_TABLE_ISOLATION) += kaiser.o -diff --git a/arch/x86/mm/kaslr.c b/arch/x86/mm/kaslr.c -index 9284ec1..319183d 100644 ---- a/arch/x86/mm/kaslr.c -+++ b/arch/x86/mm/kaslr.c -@@ -189,6 +189,6 @@ void __meminit init_trampoline(void) - *pud_tramp = *pud; - } - -- /* Avoid set_pgd(), in case it's complicated by CONFIG_KAISER */ -+ /* Avoid set_pgd(), in case it's complicated by CONFIG_PAGE_TABLE_ISOLATION */ - trampoline_pgd_entry = __pgd(_KERNPG_TABLE | __pa(pud_page_tramp)); - } -diff --git a/include/linux/kaiser.h b/include/linux/kaiser.h -index 4a4d6d9..58c55b1 100644 ---- a/include/linux/kaiser.h -+++ b/include/linux/kaiser.h -@@ -1,7 +1,7 @@ - #ifndef _LINUX_KAISER_H - #define _LINUX_KAISER_H - --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - #include <asm/kaiser.h> - - static inline int kaiser_map_thread_stack(void *stack) -@@ -24,7 +24,7 @@ static inline void kaiser_unmap_thread_stack(void *stack) - #else - - /* -- * These stubs are used whenever CONFIG_KAISER is off, which -+ * These stubs are used whenever CONFIG_PAGE_TABLE_ISOLATION is off, which - * includes architectures that support KAISER, but have it disabled. - */ - -@@ -48,5 +48,5 @@ static inline void kaiser_unmap_thread_stack(void *stack) - { - } - --#endif /* !CONFIG_KAISER */ -+#endif /* !CONFIG_PAGE_TABLE_ISOLATION */ - #endif /* _LINUX_KAISER_H */ -diff --git a/include/linux/percpu-defs.h b/include/linux/percpu-defs.h -index cfe13cb..8902f23 100644 ---- a/include/linux/percpu-defs.h -+++ b/include/linux/percpu-defs.h -@@ -35,7 +35,7 @@ - - #endif - --#ifdef CONFIG_KAISER -+#ifdef CONFIG_PAGE_TABLE_ISOLATION - #define USER_MAPPED_SECTION "..user_mapped" - #else - #define USER_MAPPED_SECTION "" -diff --git a/security/Kconfig b/security/Kconfig -index fd2ceeb..32f36b4 100644 ---- a/security/Kconfig -+++ b/security/Kconfig -@@ -31,7 +31,7 @@ config SECURITY - - If you are unsure how to answer this question, answer N. - --config KAISER -+config PAGE_TABLE_ISOLATION - bool "Remove the kernel mapping in user mode" - default y - depends on X86_64 && SMP -diff --git a/tools/arch/x86/include/asm/cpufeatures.h b/tools/arch/x86/include/asm/cpufeatures.h -index 67c93d9..f79669a 100644 ---- a/tools/arch/x86/include/asm/cpufeatures.h -+++ b/tools/arch/x86/include/asm/cpufeatures.h -@@ -198,7 +198,7 @@ - #define X86_FEATURE_AVX512_4FMAPS (7*32+17) /* AVX-512 Multiply Accumulation Single precision */ - - /* Because the ALTERNATIVE scheme is for members of the X86_FEATURE club... */ --#define X86_FEATURE_KAISER ( 7*32+31) /* CONFIG_KAISER w/o nokaiser */ -+#define X86_FEATURE_KAISER ( 7*32+31) /* CONFIG_PAGE_TABLE_ISOLATION w/o nokaiser */ - - /* Virtualization flags: Linux defined, word 8 */ - #define X86_FEATURE_TPR_SHADOW ( 8*32+ 0) /* Intel TPR Shadow */ --- -2.7.4 - |